[Git][security-tracker-team/security-tracker][master] 2 commits: patch available for liblouis, triage in LTS
Antoine Beaupré
anarcat at debian.org
Wed May 30 16:51:41 BST 2018
Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b2e763e3 by Antoine Beaupré at 2018-05-30T11:38:44-04:00
patch available for liblouis, triage in LTS
- - - - -
81aa8758 by Antoine Beaupré at 2018-05-30T11:41:42-04:00
triage libpodofo out of lts
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -296,6 +296,7 @@ CVE-2018-11440 (Liblouis 3.5.0 has a stack-based Buffer Overflow in the function
[stretch] - liblouis <no-dsa> (Minor issue)
[jessie] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/575
+ NOTE: https://github.com/liblouis/liblouis/commit/4417bad83df4481ed58419b28c5c91b9649e2a86
CVE-2018-11439 [remote information disclosure via a crafted audio file in taglib 1.11.1]
RESERVED
- taglib <unfixed>
@@ -791,16 +792,19 @@ CVE-2018-11256 (An issue was discovered in PoDoFo 0.9.5. The function ...)
- libpodofo <unfixed> (low)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
+ [wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575851
CVE-2018-11255 (An issue was discovered in PoDoFo 0.9.5. The function ...)
- libpodofo <unfixed> (low)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
+ [wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575502
CVE-2018-11254 (An issue was discovered in PoDoFo 0.9.5. There is an Excessive ...)
- libpodofo <unfixed> (low)
[stretch] - libpodofo <no-dsa> (Minor issue)
[jessie] - libpodofo <no-dsa> (Minor issue)
+ [wheezy] - libpodofo <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1576174
CVE-2018-11253
RESERVED
=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -29,6 +29,8 @@ libav (Hugo Lefeuvre)
NOTE: 20180529: Help is welcome, feel free to mail Hugo. Still up-to-date. Help needed for CVE triage and patch development.
NOTE: 20180529: Just contacted some of the CVE reporters to ask for the reproducers, CC-ed team ML.
--
+liblouis
+--
linux
--
ming (Hugo Lefeuvre)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c06d20ebb37e44ff8176e1956d4b949bcbbfab5e...81aa87586909eba76c2c2a289b2e6f6fc5776d43
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c06d20ebb37e44ff8176e1956d4b949bcbbfab5e...81aa87586909eba76c2c2a289b2e6f6fc5776d43
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180530/81ca345f/attachment.html>
More information about the debian-security-tracker-commits
mailing list